package com.zan.controller;

import com.zan.service.HelloService;
import com.zan.vo.ResponseResult;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;

/**
 * @Author Zan
 * @Date 2023/10/17 9:59
 * @Description :
 */
@RestController
@CrossOrigin
public class HelloController {

    @Resource
    private HelloService helloService;

    @RequestMapping("/hello")
    @PreAuthorize("hasAuthority('system:dept:list')") // 所谓的权限其实就是字符串
//    @PreAuthorize("hasAnyAuthority('system:dept:list', 'test', 'admin')")
//    @PreAuthorize("hasRole('system:dept:list')")
//    @PreAuthorize("@ex.hasAuthority('system:dept:list')")
    public String hello() {
        String hello = helloService.hello();
        System.out.println(hello);
        return hello;
    }

    @PostMapping("/testCors")
    public ResponseResult testCors() {
        return new ResponseResult(200, "testCors");
    }
}
